Description:

SonicWall has released a security advisory about the zero-day vulnerabilities in Email Security products. A remote attacker could exploit the vulnerabilities by sending specially crafted requests to an affected system.

Reports indicate that the vulnerabilities (CVE-2021-20021, CVE-2021-20022 and CVE-2021-20023) are being exploited in the wild. You are advised to take immediate action to patch your affected systems to mitigate the elevated risk of cyber attacks.

Affected Systems:

• SonicWall Email Security prior to version 10.0.9.6173 (Windows)
• SonicWall Email Security prior to version 10.0.9.6177 (Hardware & ESXi Virtual Appliance)
• SonicWall Hosted Email Security prior to version 10.0.9.6173

Impact:

Depending on the vulnerability exploited, a successful attack could lead to elevation of privilege, information disclosure, data tampering or compromise of an affected system.

Recommendation:

Software updates or patches for affected systems are now available. Administrators of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

More Information:

• https://www.sonicwall.com/support/product-notification/security-notice-sonicwall-email-security-zero-day-vulnerabilities/210416112932360/
• https://www.hkcert.org/security-bulletin/sonicwall-email-security-multiple-zero-day-vulnerabilities_20210421
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20021
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20022
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20023